t_exclopen.c revision 38032 
138032Speter/*
238032Speter**  This program tests your system to see if you have the lovely
338032Speter**  security-defeating semantics that an open with O_CREAT|O_EXCL
438032Speter**  set will successfully open a file named by a symbolic link that
538032Speter**  points to a non-existent file.  Sadly, Posix is mute on what
638032Speter**  should happen in this situation.
738032Speter**
838032Speter**  Results to date:
938032Speter**	AIX 3.2		OK
1038032Speter**	BSD family	OK
1138032Speter**	  BSD/OS 2.1	OK
1238032Speter**	  FreeBSD 2.1	OK
1338032Speter**	DEC OSF/1 3.0	OK
1438032Speter**	HP-UX 9.04	FAIL
1538032Speter**	HP-UX 9.05	FAIL
1638032Speter**	HP-UX 9.07	OK
1738032Speter**	HP-UX 10.01	OK
1838032Speter**	HP-UX 10.10	OK
1938032Speter**	HP-UX 10.20	OK
2038032Speter**	Irix 5.3	OK
2138032Speter**	Irix 6.2	OK
2238032Speter**	Irix 6.3	OK
2338032Speter**	Irix 6.4	OK
2438032Speter**	Linux		OK
2538032Speter**	NeXT 2.1	OK
2638032Speter**	Solaris 2.x	OK
2738032Speter**	SunOS 4.x	OK
2838032Speter**	Ultrix 4.3	OK
2938032Speter*/
3038032Speter
3138032Speter#include <stdio.h>
3238032Speter#include <errno.h>
3338032Speter#include <sys/types.h>
3438032Speter#include <sys/stat.h>
3538032Speter#include <fcntl.h>
3638032Speter
3738032Speterchar Attacker[128];
3838032Speterchar Attackee[128];
3938032Speter
4038032Spetermain(argc, argv)
4138032Speter	int argc;
4238032Speter	char **argv;
4338032Speter{
4438032Speter	struct stat st;
4538032Speter
4638032Speter	sprintf(Attacker, "/tmp/attacker.%d.%ld", getpid(), time(NULL));
4738032Speter	sprintf(Attackee, "/tmp/attackee.%d.%ld", getpid(), time(NULL));
4838032Speter
4938032Speter	if (symlink(Attackee, Attacker) < 0)
5038032Speter	{
5138032Speter		printf("Could not create %s->%s symlink: %d\n",
5238032Speter			Attacker, Attackee, errno);
5338032Speter		bail(1);
5438032Speter	}
5538032Speter	(void) unlink(Attackee);
5638032Speter	if (stat(Attackee, &st) >= 0)
5738032Speter	{
5838032Speter		printf("%s already exists -- remove and try again.\n",
5938032Speter			Attackee);
6038032Speter		bail(1);
6138032Speter	}
6238032Speter	if (open(Attacker, O_WRONLY|O_CREAT|O_EXCL, 0644) < 0)
6338032Speter	{
6438032Speter		int saveerr = errno;
6538032Speter
6638032Speter		if (stat(Attackee, &st) >= 0)
6738032Speter		{
6838032Speter			printf("Weird.  Open failed but %s was created anyhow (errno = %d)\n",
6938032Speter				Attackee, saveerr);
7038032Speter			bail(1);
7138032Speter		}
7238032Speter		printf("Good show!  Exclusive open works properly with symbolic links (errno = %d).\n",
7338032Speter			saveerr);
7438032Speter		bail(0);
7538032Speter	}
7638032Speter	if (stat(Attackee, &st) < 0)
7738032Speter	{
7838032Speter		printf("Weird.  Open succeeded but %s was not created\n",
7938032Speter			Attackee);
8038032Speter		bail(2);
8138032Speter	}
8238032Speter	printf("Bad news: you can do an exclusive open through a symbolic link\n");
8338032Speter	printf("\tBe sure you #define BOGUS_O_EXCL in conf.h\n");
8438032Speter	bail(1);
8538032Speter}
8638032Speter
8738032Speterbail(stat)
8838032Speter	int stat;
8938032Speter{
9038032Speter	(void) unlink(Attacker);
9138032Speter	(void) unlink(Attackee);
9238032Speter	exit(stat);
9338032Speter}
94